Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-29800 | 1 Microsoft | 1 Windows Defender For Endpoint | 2024-02-28 | N/A | 4.7 MEDIUM |
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not. | |||||
CVE-2022-29799 | 1 Microsoft | 1 Windows Defender For Endpoint | 2024-02-28 | N/A | 5.5 MEDIUM |
A vulnerability was found in networkd-dispatcher. This flaw exists because no functions are sanitized by the OperationalState or the AdministrativeState of networkd-dispatcher. This attack leads to a directory traversal to escape from the “/etc/networkd-dispatcher” base directory. |